Ok that's weird indeed. Here at European hacker events this action would be applauded. Getting permission from spy agencies before fixing something would be a surefire way to get lamest vendor, lol.

Most there don't trust government. And besides security holes can be used by all sides so it's imperative to fix them asap.